SERVER=
OPT=
+FAKE =
.include DIR/aux-var/std_conf_prefix
# ----- Main settings -----
-acl_smtp_rcpt = accept
-acl_smtp_dkim = accept logwrite = signer: $dkim_cur_signer bits: $dkim_key_length h=$dkim_headernames
+acl_smtp_rcpt = accept logwrite = rcpt acl: macro: _DKIM_SIGN_HEADERS
+acl_smtp_dkim = accept logwrite = dkim_acl: signer: $dkim_cur_signer bits: $dkim_key_length h=$dkim_headernames
+acl_smtp_data = accept logwrite = data acl: dkim status $dkim_verify_status
+dkim_verify_signers = $dkim_signers : FAKE
+
+DDIR=DIR/aux-fixed/dkim
+
+log_selector = -dkim +dkim_verbose
# ----- Routers
.else
dkim_selector = sel
.endif
- dkim_private_key = DIR/aux-fixed/dkim/dkim.private
+
+ dkim_private_key = ${extract {${length_3:$dkim_selector}} {\
+ ses=dkim512.private \
+ sel=dkim.private \
+ sed=dkim_ed25519.private \
+ }{DDIR/$value}}
+
.ifndef HEADERS_MAXSIZE
dkim_sign_headers = OPT
+.else
+ dkim_identity = allheaders@$dkim_domain
.endif
.ifdef VALUE
dkim_hash = VALUE
.endif
+.ifdef STRICT
+ dkim_strict = STRICT
+.endif
# End